Hello Mulla, Tabrez,
Greetings! Welcome to Microsoft Q&A Platform.
When a disk is set to “Enable public access from all networks,” it can indeed be accessed from the public network if it is not attached to a VM. However, if the VM to which the disk is attached does not have a public IP, the disk is not exposed to the internet, thus reducing the risk of unauthorized access.
Public Access: If a disk is set to “Enable public access from all networks,” it can be accessed publicly only when it is not attached to a VM. Once attached to a VM, the disk inherits the network settings of the VM.
VM Without Public IP: If the VM does not have a public IP, the VM and its attached disks are not accessible from the internet. This means that even if the disk has public access enabled, it cannot be reached from the public network.
Microsoft’s Recommendation: Disabling public access and enabling private access is the most secure option. This setting ensures that the disk can only be accessed through private endpoints within your virtual network, providing an additional layer of security.
refer for more detailed information-https://learn.microsoft.com/en-us/azure/virtual-machines/managed-disks-overview, https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-private-links-for-import-export-portal.
Hope this information helps! please accept the answer else, please let us know if you have any further queries. I’m happy to assist you further.
Please "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.